cbcvebase.

Southrivertech Titan Ftp Server vulnerabilities

10 known vulnerabilities affecting southrivertech/titan_ftp_server.

Total CVEs
10
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM9

Vulnerabilities

Page 1 of 1
CVE-2023-22629P2HIGHCVSS 8.8PoC≤ 1.94.12052023-02-14
CVE-2023-22629 [HIGH] CWE-22 CVE-2023-22629: An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal v An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
nvd
CVE-2019-10009P3MEDIUMCVSS 6.5PoCv20192019-06-03
CVE-2019-10009 [MEDIUM] CWE-22 CVE-2019-10009: A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
nvd
CVE-2014-1841P3MEDIUMCVSS 5.0PoC≤ 10.40v10.0.1733+2 more2014-04-29
CVE-2014-1841 [MEDIUM] CWE-22 CVE-2014-1841: Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 a Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.
nvd
CVE-2008-6082P4MEDIUMCVSS 5.0PoCv6.262009-02-06
CVE-2008-6082 [MEDIUM] CWE-399 CVE-2008-6082: Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumptio Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
nvd
CVE-2014-1842P3MEDIUMCVSS 5.0PoC≤ 10.40v10.0.1733+2 more2014-04-29
CVE-2014-1842 [MEDIUM] CWE-22 CVE-2014-1842: Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 a Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
nvd
CVE-2014-1843P3MEDIUMCVSS 5.0PoC≤ 10.40v10.0.1733+2 more2014-04-29
CVE-2014-1843 [MEDIUM] CWE-22 CVE-2014-1843: Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 a Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
nvd
CVE-2010-2426P4MEDIUMCVSS 4.0PoC≤ 8.10.1125v1.0.17+124 more2010-06-24
CVE-2010-2426 [MEDIUM] CWE-22 CVE-2010-2426: Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.112 Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.
nvd
CVE-2010-2425P4MEDIUMCVSS 6.5≤ 8.10.1125v1.0.17+124 more2010-06-24
CVE-2010-2425 [MEDIUM] CWE-22 CVE-2010-2425: Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.112 Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
nvd
CVE-2023-45690P4MEDIUMCVSS 4.9≤ 2.0.16.22772023-10-16
CVE-2023-45690 [MEDIUM] CWE-276 CVE-2023-45690: Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allo Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem
nvd
CVE-2022-44215P4MEDIUMCVSS 6.1≤ 19.02023-08-22
CVE-2022-44215 [MEDIUM] CWE-601 CVE-2022-44215: There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.
nvd
Southrivertech Titan Ftp Server vulnerabilities | cvebase